Dissolving four-manifolds and positive scalar curvature

We prove that many simply connected symplectic four-manifolds dissolve after connected sum with only one copy of $S^{2}\times S^{2}$. For any finite group G that acts freely on the three-sphere we construct closed smooth four-manifolds with fundamental group G which do not admit metrics of positive scalar curvature, but whose universal covers do admit such metrics.Comment: 13 pages; to appear in Mathematische Zeitschrif

Proving opacity of a pessimistic STM

Transactional Memory (TM) is a high-level programming abstraction for concurrency control that provides programmers with the illusion of atomically executing blocks of code, called transactions. TMs come in two categories, optimistic and pessimistic, where in the latter transactions never abort. While this simplifies the programming model, high-performing pessimistic TMs can complex. In this paper, we present the first formal verification of a pessimistic software TM algorithm, namely, an algorithm proposed by Matveev and Shavit. The correctness criterion used is opacity, formalising the transactional atomicity guarantees. We prove that this pessimistic TM is a refinement of an intermediate opaque I/O-automaton, known as TMS2. To this end, we develop a rely-guarantee approach for reducing the complexity of the proof. Proofs are mechanised in the interactive prover Isabelle

Verifying correctness of persistent concurrent data structures: a sound and complete method

Non-volatile memory (NVM), aka persistent memory, is a new memory paradigm that preserves its contents even after power loss. The expected ubiquity of NVM has stimulated interest in the design of persistent concurrent data structures, together with associated notions of correctness. In this paper, we present a formal proof technique for durable linearizability, which is a correctness criterion that extends linearizability to handle crashes and recovery in the context ofNVM.Our proofs are based on refinement of Input/Output automata (IOA) representations of concurrent data structures. To this end, we develop a generic procedure for transforming any standard sequential data structure into a durable specification and prove that this transformation is both sound and complete. Since the durable specification only exhibits durably linearizable behaviours, it serves as the abstract specification in our refinement proof. We exemplify our technique on a recently proposed persistentmemory queue that builds on Michael and Scott’s lock-free queue. To support the proofs, we describe an automated translation procedure from code to IOA and a thread-local proof technique for verifying correctness of invariants

Brief announcement: On strong observational refinement and forward simulation

Hyperproperties are correctness conditions for labelled transition systems that are more expressive than traditional trace properties, with particular relevance to security. Recently, Attiya and Enea studied a notion of strong observational refinement that preserves all hyperproperties. They analyse the correspondence between forward simulation and strong observational refinement in a setting with finite traces only. We study this correspondence in a setting with both finite and infinite traces. In particular, we show that forward simulation does not preserve hyperliveness properties in this setting. We extend the forward simulation proof obligation with a progress condition, and prove that this progressive forward simulation does imply strong observational refinement

Mechanized proofs of opacity: A comparison of two techniques

Software transactional memory (STM) provides programmers with a high-level programming abstraction for synchronization of parallel processes, allowing blocks of codes that execute in an interleaved manner to be treated as atomic blocks. This atomicity property is captured by a correctness criterion called opacity, which relates the behaviour of an STM implementation to those of a sequential atomic specification. In this paper, we prove opacity of a recently proposed STM implementation: the Transactional Mutex Lock (TML) by Dalessandro et al. For this, we employ two different methods: the first method directly shows all histories of TML to be opaque (proof by induction), using a linearizability proof of TML as an assistance; the second method shows TML to be a refinement of an existing intermediate specification called TMS2 which is known to be opaque (proof by simulation). Both proofs are carried out within interactive provers, the first with KIV and the second with both Isabelle and KIV. This allows to compare not only the proof techniques in principle, but also their complexity in mechanization. It turns out that the second method, already leveraging an existing proof of opacity of TMS2, allows the proof to be decomposed into two independent proofs in the way that the linearizability proof does not

Inheritance of Temporal Logic Properties

Abstract. Inheritance is one of the key features for the success of object-oriented languages. Inheritance (or specialisation) supports incremental design and re-use of already written specifications or programs. In a for-mal approach to system design the interest does not only lie in re-use of class definitions but also in re-use of correctness proofs. If a provably correct class is specialised we like to know those correctness properties which are preserved in the subclass. This can avoid re-verification of already proven properties and may thus substantially reduce the verifi-cation effort. In this paper we study the question of inheritance of correctness prop-erties in the context of state-based formalisms, using a temporal logic (CTL) to formalise requirements on classes. Given a superclass and its specialised subclass we develop a technique for computing the set of for-mulas which are preserved in the subclass. For specialisation we allow addition of attributes, modification of existing as well as extension with new methods.

Sympathetically cooled highly charged ions in a radio-frequency trap with superconducting magnetic shielding

We sympathetically cool highly charged ions (HCI) in Coulomb crystals of Doppler-cooled Be+ ions confined in a cryogenic linear Paul trap that is integrated into a fully enclosing radio-frequency resonator manufactured from superconducting niobium. By preparing a single Be+ cooling ion and a single HCI, quantum logic spectroscopy toward frequency metrology and qubit operations with a great variety of species are enabled. While cooling down the assembly through its transition temperature into the superconducting state, an applied quantization magnetic field becomes persistent, and the trap becomes shielded from subsequent external electromagnetic fluctuations. Using a magnetically sensitive hyperfine transition of Be+ as a qubit, we measure the fractional decay rate of the stored magnetic field to be at the 10−10 s−1 level. Ramsey interferometry and spin-echo measurements yield coherence times of >400 ms, demonstrating excellent passive magnetic shielding at frequencies down to DC

Cold highly charged ions in a radio-frequency trap with superconducting magnetic shielding

We implement sympathetic cooling of highly charged ions (HCI) by fully enclosing a linear Paul trap within a superconducting radio-frequency resonator. A quantization magnetic field applied while cooling down into the superconducting state remains present in the trap for centuries and external electromagnetic fluctuations are greatly suppressed. A magnetic field decay rate at the 10$^{-10}$ s$^{-1}$ level is found using trapped Doppler-cooled Be$^+$ ions as hyperfine-structure (hfs) qubits. Ramsey interferometry and spin-echo measurements on magnetically-sensitive hfs transitions yield coherence times of >400 ms, showing excellent passive shielding at frequencies down to DC. For sympathetic cooling of HCI, we extract them from an electron beam ion trap (EBIT) and co-crystallize one together with Doppler-cooled Be$^+$ ions. By subsequently ejecting all but one Be$^+$ ions, we prepare single HCI for quantum logic spectroscopy towards frequency metrology and qubit operations with a great variety of HCI species.Comment: 16 pages, 19 figures. The following article has been submitted to Review of Scientific Instruments. After it is published, it will be found at https://rsi.aip.org

A Sound and Complete Proof Technique for Linearizability of Concurrent Data Structures

Efficient implementations of data structures such as queues, stacks or hash-tables allow for concurrent access by many processes at the same time. To increase concurrency, these algorithms often completely dispose with locking, or only lock small parts of the structure. Linearizability is the standard correctness criterion for such a scenario—where a concurrent object is linearizable if all of its operations appear to take effect instantaneously some time between their invocation and return. The potential concurrent access to the shared data structure tremendously increases the complexity of the verification problem, and thus current proof techniques for showing linearizability are all tailored to specific types of data structures. In previous work, we have shown how simulation-based proof conditions for linearizability can be used to verify a number of subtle concurrent algorithms. In this article, we now show that conditions based on backward simulation can be used to show linearizability of every linearizable algorithm, that is, we show that our proof technique is both sound and complete. We exemplify our approach by a linearizability proof of a concurrent queue, introduced in Herlihy and Wing's landmark paper on linearizability. Except for their manual proof, none of the numerous other approaches have successfully treated this queue. Our approach is supported by a full mechanisation: both the linearizability proofs for case studies like the queue, and the proofs of soundness and completeness have been carried out with an interactive prover, which is KIV